Oval Definition:oval:org.mitre.oval:def:13778
Revision Date:2014-06-23Version:20
Title:DSA-1821-1 amule -- insufficient input sanitising
Description:Sam Hocevar discovered that amule, a client for the eD2k and Kad networks, does not properly sanitise the filename, when using the preview function. This could lead to the injection of arbitrary commands passed to the video player. For the stable distribution, this problem has been fixed in version 2.2.1-1+lenny2. The oldstable distribution is not affected by this issue. For the testing distribution this problem will be fixed soon. For the unstable distribution, this problem has been fixed in version 2.2.5-1.1. We recommend that you upgrade your amule packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-1440
DSA-1821-1
Platform(s):Debian GNU/Linux 5.0
Product(s):amule
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND amule-common DPKG is earlier than 2.2.1-1+lenny2
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • amule-utils DPKG is earlier than 2.2.1-1+lenny2
  • OR amule DPKG is earlier than 2.2.1-1+lenny2
  • OR amule-daemon DPKG is earlier than 2.2.1-1+lenny2
  • OR amule-utils-gui DPKG is earlier than 2.2.1-1+lenny2
    • BACK